Connecting with an SSH client

When connecting with an SSH client, you must have the server's IP address and password for the bitnami user account. If you chose to configure key-based authentication, you must have the SSH private key for the bitnami user account in .ppk format (for Windows) or in .pem format (for Linux and Mac OS X).

Depending on your platform, follow the instructions below:

Connecting with an SSH client on Windows

In order to access your server via SSH tunnel you need an SSH client. In the instructions below we have selected PuTTY, a free SSH client for Windows and UNIX platforms. To access the server via SSH tunnel using PuTTY on a specific port using an SSH tunnel, you need to have it configured in order to allow connections to your server.

Double-click the putty.exe file to bring up the PuTTY configuration window.

Step 2: Configure PuTTY

In the PuTTY configuration window, enter the host name or IP address of your virtual machine into the "Host Name (or IP address)" field, as well as into the "Saved Sessions" field. (Refer to the FAQ to know how to find the virtual machine's IP address). Then, click "Save" to save the new session so you can reuse it later.

Obtain your SSH credentials in order to allow the authentication against the server. Refer to the FAQ to learn how to obtain your SSH credentials for your client.

In the "Connection -> Data" section, enter the username bitnami into the "Auto-login username" field, under the "Login details" section.

Set the permissions for your private key file (*.pem) to 600 using a command like the one below. Refer to the FAQ to learn how to obtain your SSH credentials.

$ chmod 600 KEYFILE

Connect to the server using the following command:

$ ssh -i KEYFILE bitnami@SERVER-IP

Remember to replace KEYFILE in the previous commands with the path to your private key file (.pem), and SERVER-IP with the IP address or hostname of your virtual machine. Refer to the FAQ to know how to find the virtual machine's IP address.

Your SSH client might ask you to confirm the server's host key and add it to the cache before connecting. Accept this request by typing or selecting "Yes" (learn more).

How to access a server using an SSH tunnel?

Bitnami strongly discourages you from opening server ports apart from those defined by default. In case you need to access a server on a specific port remotely, Bitnami recommends creating an SSH tunnel instead of opening the port in the server firewall.

Depending on your operating system, follow these instructions to create an SSH tunnel and ensure secure access to the application.

IMPORTANT: Before following the steps below, ensure that you have enabled the SSH server (disabled by default) and that your application server is running.

Accessing a server using an SSH tunnel on Windows

In order to access your server via SSH tunnel you need an SSH client. In the instructions below we have selected PuTTY, a free SSH client for Windows and UNIX platforms.

Once you have your SSH client correctly configured and you tested that you can successfully access to your instance via SSH, you need to create an SSH tunnel. For doing so, follow these steps:

In the "Connection -> SSH -> Tunnels" section, create a secure tunnel by forwarding a port (the "destination port") on the remote server to a port (the "source port") on the local host (127.0.0.1 or localhost). An example of configuring an SSH tunnel between remote port 80 and local port 8888 is displayed below.

Click the "Add" button to add the secure tunnel configuration to the session. (You'll see the added port in the list of "Forwarded ports"). An example of configuring an SSH tunnel between remote port 80 and local port 8888 is displayed below.

In the "Session" section, save your changes by clicking the "Save" button.

Click the "Open" button to open an SSH session to the server. The SSH session will now include a secure SSH tunnel between the two specified ports.

While the tunnel is active, you should be able to access the application through the secure SSH tunnel you created, by browsing to http://127.0.0.1:SOURCE-PORT/ or http://localhost:SOURCE-PORT/. Remember to replace SOURCE-PORT with the source port number specified.

Accessing a server using an SSH tunnel on Linux and Mac OS X

To access the server on a specific port using an SSH tunnel, you need to have the following information:

Server's IP address

Username and password (if you want to connect the server using the SSH username and password).

Once you have the information above, follow these instructions to access the server using an SSH tunnel:

Open a new terminal window on your local system (for example, using "Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in Ubuntu).

You have two options to configure the SSH tunnel: connect to the server using a private key (recommended) or connect to the server using a SSH password. Follow the instructions below per each option:

Option 1: Connect to the server without keyfile

Run the following command. Remember to replace SOURCE-PORT with the source port, DESTINATION-PORT with the destination port, USERNAME (bitnami by default), and SERVER-IP with the IP address or hostname of your virtual machine. Refer to the FAQ to know where is the virtual machine's IP address. Enter your SSH password when prompted.

Run the following command to configure the SSH tunnel. Remember to replace SOURCE-PORT with the source port, DESTINATION-PORT with the destination port, KEYFILE with the path to your private key, and SERVER-IP with the IP address or hostname of your virtual machine. Refer to the FAQ to know how to find the virtual machine's IP address.

NOTE: If successful, the above commands will create an SSH tunnel but will not display any output on the server console.

While the tunnel is active, you should be able to access the application through the secure SSH tunnel you created, by browsing to http://127.0.0.1:SOURCE-PORT/ or http://localhost:SOURCE-PORT/. Remember to replace SOURCE-PORT with the source port number specified.

What is the directory structure?

The installation process will create several sub-directories under the /opt/bitnami directory:

Application files are stored in the /opt/bitnami/apps/APPNAME/htdocs directory. The configuration file for the Apache Web server is stored in the /opt/bitnami/apps/APPNAME/conf/ directory.

What is a Bitnami image?

A Bitnami image includes everything you need to run your Bitnami-packaged application of choice. The installation and configuration of all of the software included in the stack is completely automated, making it easy for everyone, including those who are not very technical, to get them up and running.

All Bitnami images are completely self-contained and run independently of the rest of the software or libraries installed on your system. This means that you don't have to worry about installing any other software on your system to make the new application work. They also won't interfere with any software already installed on the system, so everything will continue to work normally.

How to obtain root privileges?

Execute any command as the root user by prefixing it with the sudo command. For example, to check server status, use the command below and enter the password for the bitnami user when prompted:

$ sudo /opt/bitnami/ctlscript.sh status

To directly log in using the root user account, use this command:

$ sudo su

To set a new password for the root user account, use these commands:

$ sudo su
$ passwd

How to find application credentials?

The default username for the application is user and the password is randomly generated (in older versions it was typically bitnami). You can obtain these credentials from the server console, above the login prompt, as shown below:

If you started a server (for example, MongoDB or similar) that isn't a Web application server, you can use the default administrator user to log in to the database (for example, root). You can find more information for each specific server in our documentation.

How to start or stop the services?

Each Bitnami stack includes a control script that lets you easily stop, start and restart services. The script is located at /opt/bitnami/ctlscript.sh. Call it without any service name arguments to start all services:

$ sudo /opt/bitnami/ctlscript.sh start

Or use it to restart a single service, such as Apache only, by passing the service name as argument:

$ sudo /opt/bitnami/ctlscript.sh restart apache

Use this script to stop all services:

$ sudo /opt/bitnami/ctlscript.sh stop

Restart the services by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh restart

Obtain a list of available services and operations by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh

How to change the login password for the virtual machine?

The default login password for the virtual machine console is displayed when it starts up, as shown below:

You will be automatically prompted to change this when you log in the first time. To change it later, execute the command below at the console:

$ passwd

How to remotely access the Bitnami application?

Access the Bitnami application by browsing to the virtual machine's IP address. This address is typically assigned to it by a DHCP server in your network. The IP address is displayed on screen at the end of the boot process, as shown below:

To see the current IP address, execute the following command at the server console after logging in:

If there is no DHCP server available or the DHCP server is not configured to give IP addresses to unknown hosts, is recommended to use the built-in hypervisor DHCP server. To do so, follow the instructions below:

Stop the virtual machine.

Update the network adapter to use "NAT" instead of "Bridged" mode.

Restart the virtual machine.

NOTE: This solution produces only an internal IP address for the virtual machine, so the Bitnami application will only be accessible from the hypervisor host.

Option 3: Configure the network manually and assign a static IP address to the virtual machine.

For example, if your local network uses IP addresses of the form 192.168.1.X and you know that the IP address 192.168.1.234 is unassigned, manually assign this to the virtual machine by executing the command below at the virtual machine console:

$ sudo ifconfig eth0 192.168.1.234 netmask 255.255.255.0 up

With this configuration, the Bitnami application should be accessible from any host on the same network at the IP address 192.168.1.234.

How to configure the application's IP address or hostname?

By default, Bitnami applications update their internal IP address or hostname at boot time. However, it may be necessary to change this manually if the virtual machine IP address changes.

To do this, execute the command below, replacing APPNAME with the directory holding the application and IP-ADDRESS with the new IP address or hostname:

How to open the server ports for remote access?

IMPORTANT: Making this application's network ports public is a significant security risk. You are strongly advised to only allow access to those ports from trusted networks. If, for development purposes, you need to access from outside of a trusted network, please do not allow access to those ports via a public IP address. Instead, use a secure channel such as a VPN or an SSH tunnel. Follow these instructions to remotely connect safely and reliably.

By default, the Bitnami virtual machines firewall is configured to allow access in any ports required by the application and SSH (usually ports 80, 443 and 22).

To open a different port:

Log in to the server console.

Execute the following command, replacing the PORT placeholder with the number of the port to be opened:

$ sudo ufw allow PORT

More information about modifying the firewall configuration is available on the Debian Wiki.

How to close the server ports and deny remote access?

By default, the Bitnami virtual machines firewall is configured to allow access in any ports required by the application and SSH (usually ports 80, 443 and 22).

To close an open port:

Log in to the server console.

Execute the following command, replacing the PORT placeholder with the number of the port to be closed:

$ sudo ufw deny PORT

More information about modifying the firewall configuration is available on the Debian Wiki.

How to change the keyboard layout?

Use the dpkg-reconfigure tool to change the keyboard layout, with the command below:

$ sudo dpkg-reconfigure keyboard-configuration

How to enable desktop access?

To allow desktop access for the bitnami user, follow these steps:

Debian

Install the gnome-core package:

$ sudo apt-get update
$ sudo apt-get install gnome-core

Reboot the machine.

You should now be able to log in to the desktop as bitnami user.

Ubuntu

Install the ubuntu-desktop package:

$ sudo apt-get update
$ sudo apt-get install ubuntu-desktop

Create a new file named /usr/share/lightdm/lightdm.conf.d/60-bitnami.conf and add the following lines as shown below:

The first step is to ensure that you have the server's IP address and password for the bitnami user account. If you chose to configure key-based authentication, you must have the SSH private key for the bitnami user account in .ppk format (for Windows) or in .pem format (for Linux and Mac OS X).

Once you have confirmed that you have the IP address and correct SSH credentials for your server, follow the instructions below depending on the platform you wish to use.

Although you can use any SFTP/SCP client to transfer files to your server, this guide documents FileZilla (Windows, Linux and Mac OS X), WinSCP (Windows) and Cyberduck (Mac OS X).

Using an SSH Key

Once you have your server's SSH key, choose your preferred application and follow the steps below to connect to the server using SFTP.

FileZilla

IMPORTANT: To use FileZilla, your server private key should be in PPK format.

Follow these steps:

Download and install FileZilla.

Launch FileZilla and use the "Edit -> Settings" command to bring up FileZilla's configuration settings.

Within the "Connection -> SFTP" section, use the "Add keyfile" command to select the private key file for the server. FileZilla will use this private key to log in to the server.

Use the "File -> Site Manager -> New Site" command to bring up the FileZilla Site Manager, where you can set up a connection to your server.

Enter your server host name and specify bitnami as the user name.

Select "SFTP" as the protocol and "Ask for password" as the logon type.

Use the "Connect" button to connect to the server and begin an SFTP session. You might need to accept the server key, by clicking "Yes" or "OK" to proceed.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you have problems accessing your server, get extra information by use the "Edit -> Settings -> Debug" menu to activate FileZilla's debug log.

WinSCP

IMPORTANT: To use WinSCP, your server private key should be in PPK format.

Follow these steps:

Download and install WinSCP.

Launch WinSCP and in the "Session" panel, select "SFTP" as the file protocol.

Enter your server host name and specify bitnami as the user name.

Click the "Advanced…" button and within the "SSH -> Authentication -> Authentication parameters" section, select the private key file for the server. WinSCP will use this private key to log in to the server.

From the "Session" panel, use the "Login" button to connect to the server and begin an SCP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you need to upload files to a location where the bitnami user doesn't have write permissions, you have two options:

Once you have configured WinSCP as described above, click the "Advanced…" button and within the "Environment -> Shell" panel, select sudo su - as your shell. This will allow you to upload files using the administrator account.

Upload the files to the /home/bitnami directory as usual. Then, connect via SSH and move the files to the desired location with the sudo command, as shown below:

$ sudo mv /home/bitnami/uploaded-file /path/to/desired/location/

Cyberduck

IMPORTANT: To use Cyberduck, your server private key should be in PEM format.

Follow these steps:

Select the "Open Connection" command and specify "SFTP" as the connection protocol.

In the connection details panel, under the "More Options" section, enable the "Use Public Key Authentication" option and specify the path to the private key file for the server.

Use the "Connect" button to connect to the server and begin an SFTP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

Using a Password

Once you have your server's SSH credentials, choose your preferred application and follow the steps below to connect to the server using SFTP.

FileZilla

Follow these steps:

Download and install FileZilla.

Launch FileZilla and use the "File -> Site Manager -> New Site" command to bring up the FileZilla Site Manager, where you can set up a connection to your server.

Enter your server host name.

Select "SFTP" as the protocol and "Ask for password" as the logon type. Use bitnami as the server username and the password generated during the server deployment process.

Use the "Connect" button to connect to the server and begin an SFTP session. You might need to accept the server key, by clicking "Yes" or "OK" to proceed.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you have problems accessing your server, get extra information by use the "Edit -> Settings -> Debug" menu to activate FileZilla's debug log.

WinSCP

Follow these steps:

Download and install WinSCP.

Launch WinSCP and in the "Session" panel, select "SFTP" as the file protocol.

Enter your server host name and set bitnami as the server username.

From the "Session" panel, use the "Login" button to connect to the server and begin an SCP session. Enter the password when prompted.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

Cyberduck

Follow these steps:

Select the "Open Connection" command and specify "SFTP" as the connection protocol.

In the connection details panel, enter the server IP address, bitnami as the username, and the password generated during the deployment process.

Use the "Connect" button to connect to the server and begin an SFTP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

How to configure your application to use a third-party SMTP service for outgoing email?

Bitnami applications can be configured to use a third-party SMTP service for outgoing email. Examples of such third-party SMTP services are SendGrid and Mandrill. Instructions for using both these are provided below.

SendGrid

SendGrid's SMTP service can be accessed using your SendGrid account credentials. These credentials can be obtained by logging in to the SendGrid website and visiting the "Account Details" page.

Mandrill

Mandrill's SMTP service requires an API key for access. To obtain this key, log in to the Mandrill website, navigate to the "SMTP & API" section and create an API key. Note the SMTP server name, username and API key, as these serve as your credentials for accessing the Mandrill SMTP server.

To configure your application to send email through Mandrill's SMTP service, use the settings below. Replace USERNAME with your SMTP username and API-KEY with the generated API key.

Similar steps can be followed for other third-party SMTP services as well. Consult your service provider's documentation to obtain details on authentication credentials and available ports.

How to increase the available memory for the virtual machine?

Increase the RAM for a virtual machine through the "Settings" panel. Here's what it looks like for VirtualBox:

Recent versions of Bitnami virtual machines include the PAE kernel, which allows you to increase assigned RAM memory to more than 4 GB. The optimal setting will also depend on the host machine's capabilities and the number of virtual machines running simultaneously.

TIP: It's good practice to share the RAM between the host machine and the virtual machine. For example, if the host machine has 2 GB RAM and you are only running one virtual machine, increase the RAM of the virtual machine to 1 GB. It is not advisable to increase it to more than this because this may result in the host machine running out of physical memory and switching to swap memory, which significantly decreases overall performance.

How to add a new virtual disk?

To create a new virtual disk and increase the disk space available on your virtual machine, follow these steps:

In the machine's "Settings", add a new SCSI disk drive and configure the disk size.

Browse to the Webmin application, log in and click the "Refresh Modules" button. You should now see the "Apache Webserver", "PostgreSQL Database Server" and "MySQL Database Server" listed in the "Servers" tab.

How to install VirtualBox Guest Additions on Bitnami virtual machines?

To install VirtualBox Guest Additions, follow these steps:

Stop the virtual machine.

Edit the virtual machine settings and from the "System" tab, add a new CD-ROM device to the machine.

Restart the virtual machine.

Check the current kernel version:

$ uname -a

Install some needed dependencies as shown below. Remember to replace the VERSION placeholder with the kernel version from the previous command. packages with the proper kernel_version shown by the previous command:

$ sudo apt-get -y install dkms build-essential linux-headers-VERSION

Restart the virtual machine:

$ sudo reboot

From the virtual machine menu, select the "Devices -> CD/DVD Devices -> Choose a virtual CD/DVD disk file" option. Select the VBoxGuestAdditions.iso file. This action simulates inserting a CD-ROM that includes the tools.

The VBoxGuestAdditions.iso file is usually located in the /usr/share/virtualbox/ directory on Linux, in the C:\Program Files\Oracle\VirtualBox directory on Windows and the Contents/MacOS directory of the VirtualBox package on Mac OS X.

Define other characteristics of the virtual machine, such as the boot device, available RAM and network interfaces. The commands below are illustrative only and will need to be modified for your specific hardware devices. For more information on how to configure your virtual machine with VBoxManage, please refer to the VirtualBox manual.

The virtual machine will be accessible using RDP. You can use any RDP viewer to connect and work with the virtual machine. For more information on available RDP viewers for your host platform and how to connect, refer to the VirtualBox manual.

TIP: When connecting to your headless VirtualBox machine with an RDP client, remember to use the IP address of the host system and not the VirtualBox machine.

Does Bitnami collect any data from deployed Bitnami stacks?

Yes. Bitnami cloud images and virtual machines include a small agent that starts on boot and collects a few pieces of information about the system. For users of Bitnami Virtual Machine Images, Cloud Templates, and Container Images we may also collect information from downloaded, pulled or deployed images or instances, such as the instance type, IP address and operating system version or the Bitnami account used to launch the image in order to improve our product offerings.

We encourage you to leave this tracking on, but if you would like to turn it off, you can comment out or delete the following line in the /etc/crontab file:

X * * * * bitnami cd /opt/bitnami/stats && ./agent.bin --run -D

(where X is a random number for each instance generated at the boot time)

What does the SSH warning 'REMOTE HOST IDENTIFICATION HAS CHANGED' mean?

This warning is normal when trying to connect to the same IP address but a different machine - for instance, when you assign the same static IP address to another server. You can fix the problem by removing the IP address that you are trying to connect to from your ~/.ssh/known_hosts file.

If you use PuTTY, the SSH key mismatch warning looks like the image below:

In this case, click "Yes" if you know the reason for the key mismatch (IP address reassigned to another server, machine replaced, and so on).

How to improve server performance?

Consider the following tips to improve the performance of your server.